Release Notes for Crosswork Network Controller, Release 7.1.0
Available Languages
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
- US/Canada 800-553-2447
- Worldwide Support Phone Numbers
- All Tools
Feedback
Feedback
Cisco Crosswork Network Controller, Release 7.1.0
Cisco Crosswork Network Controller, Release 7.1.0
Cisco Crosswork Network Controller 7.1.0 is a significant release of Cisco's transport SDN controller, designed to empower customers with enhanced capabilities for simplifying and automating intent-based network service provisioning, health monitoring, and optimization across multi-vendor environments.
This release focuses on improving operational efficiency, scalability, and resilience through key advancements. It introduces greater deployment flexibility with KVM support and single VM option, alongside critical infrastructure enhancements like automated geo-redundancy and streamlined patching for reduced operational impact. Automation is significantly boosted with dynamic VPN service provisioning, advanced traffic engineering, and the introduction of workflow automation and fleet upgrade capabilities for Premier tier users.
Furthermore, the release enhances network visibility and management through personalized dashboards, custom metrics, and improved Device Lifecycle Management features, including configuration templates. These improvements collectively aim to provide a more robust, secure, and user-friendly experience for managing complex network services.
Add-on package availability update
Change Automation and Health Insights is supported only for customers who purchased Change Automation and Health Insights as add-on option with Crosswork Network Controller 6.0 and earlier versions.
For purchases made with Crosswork Network Controller version 6.0, support ends on June 30, 2026, as defined in the Statement of Support.
For earlier Crosswork Network Controller versions, refer to the Statement of Support for the applicable end-of-support date.
For more information on the Add-on package, contact your account team or Cisco partner.
Solution components
Crosswork Network Controller components:
Table 1. Crosswork Network Controller 7.1.0 components
| Component |
Description |
| Platform Infrastructure |
A resilient and scalable platform on which all Cisco Crosswork components can be deployed. The infrastructure is based on a cluster architecture to ensure extensibility, scalability, and high availability. For installation, configuration, and administration procedures, refer to: |
| Optimization Engine |
Provides closed-loop tracking of the network state and real-time network optimization in response to changes in the network state, allowing operators to effectively maximize network capacity utilization and increase service velocity. Provides traffic engineering visualization of SR-MPLS, SRv6, and RSVP-TE policies. For more information, see the Crosswork Network Controller 7.1.0 Traffic Engineering and Optimization guide. |
| Service Health |
Overlays a service-level view of the environment and allows operators to monitor the health of services (for example, L2/L3 VPN) based on rules established by the operator. For more information, see the Crosswork Network Controller 7.1.0 Service Health Monitoring guide. |
| Health Insights |
Performs real-time Key Performance Indicator (KPI) monitoring, alerting, and troubleshooting. It builds dynamic detection and analytics modules, allowing operators to monitor and alert network events based on user-defined logic. For more information, see the Crosswork Network Controller 7.1.0 Closed-Loop Network Automation guide. |
| Change Automation |
Automates the process of deploying changes to the network. For more information, see the Crosswork Network Controller 7.1.0 Closed-Loop Network Automation guide. |
| Topology visualization |
Provides intent-driven provisioning and visualization of L2VPN and L3VPN services, enabling operators to define, monitor, and maintain service-level agreements (SLAs) through an intuitive UI or APIs. Delivers comprehensive insights into network topology, traffic paths, and underlay transport policies, facilitating management and optimization of complex service deployments. Supports real-time analysis and proactive adjustments to ensure alignment with intent-based network objectives, while supporting network slicing at the OSI transport layer to optimize service management and meet intent-based requirements. For more information, see the Crosswork Network Controller 7.1.0 Administration Guide. |
| Data Gateway |
A secure, common collection platform for gathering network data from multi-vendor devices that supports multiple data collection protocols, including MDT, SNMP, CLI, standards-based gNMI (dial-in), and syslog. For more information, see the Crosswork Network Controller 7.1.0 Administration Guide. |
| Element Management Functions |
Provides essential element management functions including Zero Touch Device onboarding, detailed inventory visualization, device fault and metrics monitoring, software image management and device configuration management. This includes Day-1 parameterized underlay configuration and configuration backup and restoration. These essential functions are available across supported XR, XE and Nexus devices and helps operator's role out a single pane of glass for device monitoring for their Cisco network. For more information, see Crosswork Network Controller 7.1.0 Device Lifecycle Management. |
Crosswork Network Controller is integrated and tested with these products:
Table 2. Crosswork Network Controller 7.1.0 enabled functionality
| Products |
Version |
Description |
| Crosswork Network Services Orchestrator |
6.4.1.1 |
An orchestration platform that makes use of pluggable function packs to translate network-wide service intent into device-specific configuration. Cisco NSO provides flexible service orchestration and lifecycle management across physical network elements and cloud-based virtual network functions (VNFs), fulfilling the role of the Network Orchestrator (NFVO) within the ETSI architecture. It provides complete support for physical and virtual network elements, with a consistent operational model across both. It can orchestrate across multi-vendor environments and support multiple technology stacks, enabling extension of end-to-end automation to virtually any use case or device. Note: Function Packs are required to support compatibility with certain applications. |
| Cisco Segment Routing Path Computation Element (SR-PCE) |
25.2.1 |
An IOS-XR multi-domain stateful PCE supporting both segment routing (SR) and Resource Reservation Protocol (RSVP). Cisco SR-PCE builds on the native Path Computation Engine (PCE) abilities within IOS-XR devices and provides the ability to collect topology and segment routing IDs through BGP-LS, calculate paths that adhere to service SLAs, and program them into the source router as an ordered list of segments. |
Crosswork Network Controller packages
Crosswork Network Controller is available as downloadable software packages with additional add-on packages.
Table 3. Crosswork Network Controller 7.1.0 software packages
| Software package |
Supported functionality |
| Crosswork Network Controller Essentials |
● Device Lifecycle Management (Inventory, ZTP, Fault, Performance, Configuration management, SWIM)
● Physical Topology Visualization
|
| Crosswork Network Controller Advantage[1] |
● Provisioning
● Visualization
● Service Health Monitoring
● Path Compute
● Traffic Engineering
● Optimization
|
| Crosswork Network Controller Premier[2] |
● Workflow Automation
● Fleet Upgrade
|
These tables list the primary new features and functionality introduced in Crosswork Network Controller 7.1.0:
Platform Infrastructure
| Feature |
Description |
|
| Ease of setup
|
KVM-based hypervisor support |
Ability to deploy Crosswork Network Controller on KVM-based hypervisor. This feature enhances flexibility in choosing virtualization platforms, supporting broader deployment scenarios with general KVM deployments. |
| Single VM deployment support for the Advantage tier |
CNC Single VM Advantage introduces a streamlined solution for customers with smaller network environments. This feature consolidates CNC solution components into a single virtual machine (VM) form factor, delivering:
● Single VM deployment: Optimizes resources by enabling the Crosswork Network Controller Advantage tier to run on a single VM, while retaining full functionality with embedded NSO.
● Automated out-of-the-box setup: Simplifies deployment with pre-configured collection, configuration database, and applications.
● Compact design: Ideal for small-scale environments, offering an efficient and hassle-free CNC solution.
|
|
| Geo Redundancy auto-arbitration |
Provides auto-arbitration for cluster failover, enhancing system resilience by automating the transition between active and standby clusters during failures with an arbiter node. |
|
| Patching support |
With this feature, Cisco now delivers OS security patches, along with other security and system management updates, reducing operational impact and providing the agility to efficiently secure and manage your network—eliminating the need for a full cluster rebuild or reliance on scripts and tools to apply security updates.
● Rolling Updates: Enables seamless application updates with minimal disruption to operations.
● Batch Installation: Enables sequential download and installation of multiple applications, thereby enhancing efficiency and minimizing downtime.
|
|
| Runtime workload management |
Enables dynamic service creation and scaling based on application needs, optimizing resource allocation by allowing on-demand service instantiation and scaling for efficient resource use. |
|
| Topology services |
Topology services have transitioned from Neo4j to Postgres for better performance and stability. |
|
| Personalize Dashboards for better insights |
With the improvements to Dashboards, you can create personalized dashboards by selecting specific entities such as devices, interfaces, or services and key metrics that matter most to your operations. Save these custom views for quick access, share them with your team, and organize dashboards into tabs for better insight management. For more information on using dashboards, see the Customize dashboards to monitor metrics chapter in the Crosswork Network Controller 7.1 Administration Guide. |
|
| Hardware reliability |
Full support for XE devices |
Full support for various Cisco XE devices, such as the C8300-2N2S-4T2X. |
Traffic Engineering
| Product impact |
Feature |
Description |
| API experience
|
Bulk information retrieval and pagination support |
Crosswork Hierarchical Controller and OSS systems can now retrieve service and topology data using paginated bulk retrieval. Using RESTCONF APIs pagination support improves scalability by allowing access to the data in smaller chunks. |
| Mapping between service and underlay transport |
Using APIs, HCO, or OSS systems integrating with Crosswork Network Controller can retrieve discovered underlay transport data for VPN services managed through Crosswork Network Controller. For example: When given a service instance path, it returns the operating data that includes the discovered underlay transport for a service. When given a transport reference, such as SR-TE or RSVP-TE, it returns a list of service instances that use the given transport. |
|
| The collection of topology information for the SR-PCE has been enhanced to leverage gRPC, providing a more efficient and streamlined approach to discovering topology, SR-MPLS, and SRv6 policies. With the adoption of the gRPC connection type, the dependency on the topology property key has been removed. This property key is now disabled and will be ignored, even if configured. The pce property key remains available and continues to enable the discovery of RSVP-TE tunnels and PCEP sessions, which are essential for all LSP provisioning. This property key is enabled by default to ensure seamless operation. |
||
| Ease of setup
|
Local Congestion Manager (LCM) |
LCM configuration now supports the option to include or exclude link affinities (preconfigured on the routers) per domain. |
| Dynamic creation of transport resources for VPN services |
Crosswork Network Controller can now dynamically determine the most efficient routes for VPN service requests. With this feature, the system can dynamically create and deploy TE policies during service creation, ensuring compliance with Service Level Agreements (SLA) and Service Level Specifications (SLS). During VPN service deployment, the Crosswork Network Controller matches the service's SLA goal with pre-configured criteria. Once a match is identified, the system automatically creates and deploys new transport policies based on the associated TE template and attaches them to the VPN service. Note: When the Cisco NSO Traffic Engineering Manager function pack is deployed, the Dry run feature for creating VPN services will display changes to the service-level configuration only. Changes to the underlay configuration are excluded from the dry run output. Similarly, when editing services using the Dry run feature, any underlay configs in the device configuration will not be displayed. |
|
| Ease of use
|
Workload Manager |
Auto Rebalance: Automatically rebalances workloads to underutilized nodes when a node is added or replaced, improving overall resource utilization. |
| Database Management |
Dynamic Placement: Dynamically places databases optimally across available nodes, ensuring even distribution of database workloads and efficient workload pinning based on the number of nodes. |
|
| Enhanced service and topology notifications |
Using industry standard RC8639 for Yang-based notifications, devices monitored by Crosswork Network Controller now receives, displays, and if configured, forwards information about operational changes to devices in the network that impact L2 topologies, such as IGP, RSVP-TE tunnels and SR policies, as well as L2VPN and L2VPN services. |
|
| Software reliability
|
Circuit-Style Manager (CSM) |
CSM now supports Shared Risk Link Groups (SRLG) disjointness. A SRLG consists of multiple links that rely on a common resource, making them susceptible to the same potential failures. SRLG disjointness is a setting that specifies in the circuit-style SR-TE policy that Working and Protect paths cannot use links that are part of the same SRLG. |
| Transport Layer Security (TLS) data migration optimization |
Data optimization of TLS manager’s migration flow during disaster-restore or data-restore with no change to previous migration flows. |
Service Health
| Product impact |
Feature |
Description |
| API experience |
Enhanced Service Health NBI |
Added support for service data bulk API operations and enhanced notifications for Service Health changes. |
| Ease of use
|
Enhancements to the historical data graph for large L3VPN services |
Additional historical data graph pop-up details available:
● Node Name
● Service Health
The addition of the Service Health status helps eliminate confusion between the Event Health (node status) and the Service Health status.
● Enhanced options for selecting time increments in the historical data graph.
● Expanded graph width options for viewing additional details.
● Updated historical timeline legend colors.
|
| Enhancements to the Service Health UI |
● Clickable functionality added to Service Health State charts and graphs on the dashboard.
● Improved expand-collapse graph functionality for convenient resizing.
● New graph-only attribute results in faster graphic loading.
|
|
| Support for SRv6 ODN for L2VPN services |
Heuristic Package changes made to support SRv6 ODN for L2VPN services. |
|
| Software reliability
|
Single VM support |
Number of supported Service Health monitoring devices (maximum):
● Basic monitoring: 2000
● Advanced monitoring: 200
● L3VPN services (with more than 200 nodes): 1
● Probe sessions for end-to-end monitoring: 200
|
| Replaced Neo4j with Postgres |
Switched from using Neo4j to Postgres for storing all assurance graph data. This planned change delivered equal or better performance in storing assurance graph data. |
Data Gateway
| Product impact |
Feature |
Description |
| Ease of use
|
The Crosswork Network Controller automatically pushes the updated certificate to Data Gateway. For certificate renewal instructions, see the Automatic renewal of internal certificates section in the Crosswork Network Controller 7.1 Administration Guide. |
|
| Change to cache management |
In this release, the cache management is enhanced to optimize system performance and usability. Previously, cache dumps were executed every minute, leading to excessive disk I/O operations regardless of changes. Now, cache dumps occur only when changes are detected, reducing unnecessary disk usage and improving system efficiency. |
|
| Merged SNMP rows for complete data visibility |
Release 7.1 automatically merges split rows in SNMP responses, ensuring complete interface details and accurate topology data without requiring changes to the SNMP packet size. For details, see the Add devices through the UI section in the Crosswork Network Controller 7.1 Administration Guide. |
|
| Software reliability
|
New Trap Source IP field added for SNMP trap handling |
In the 7.1 release, you can configure the SNMP trap source address for each device. In previous releases, SNMP traps were discarded if the source address did not match the device’s configured SNMP address. With this update, Data Gateway accepts traps from the specified source address, ensuring that valid traps are processed. For configuration instructions, see the Add devices through the UI section in the Crosswork Network Controller 7.1 Administration Guide. |
| Bidirectional streaming for superior performance |
The bidirectional streaming feature optimizes thread consumption and enhances the efficiency of command and response handling within our system. |
|
| SNMPv3 supports HMAC-SHA-2 for stronger authentication |
Crosswork Network Controller has strengthened the security infrastructure by including support for the HMAC-SHA-2 authentication protocols. The HMAC-SHA-2 protocol is compatible with Cisco IOS-XR, IOS-XE, and NX-OS devices, offering robust security. For details, see the Credential profile template guidelines section in the Crosswork Network Controller 7.1.0 Administration Guide. |
|
| Upgrade to the XDE library |
The XDE library has been updated from version 3.4.x to the latest 3.5.x, and the YANG tools have been upgraded from 1.x to the 7.0.18 version. These updates address potential security vulnerabilities found in older versions, ensuring a safer and more robust environment for your operations. |
|
| Upgrade
|
Improved patching experience with rolling upgrade |
The Crosswork Data Gateway patching process is now more efficient with the support for rolling upgrades. With this mechanism, patches are applied first to the spare Data Gateway, then to the active Data Gateway, minimizing disruption to data collection. The Crosswork Network Controller UI and alarms now displays clear, real-time patching progress to help you monitor each step of the upgrade with ease. For details, see the Crosswork Data Gateway patches and patch management section in the Crosswork Network Controller 7.1.0 Installation Guide. |
| Enhanced security patch application |
Security patches are now applied to Crosswork Data Gateway base VMs while ensuring minimal impact on data collection and system operations. This seamless approach replaces the earlier full-system upgrade method, offering a more controlled and efficient way to deploy critical fixes. For details, see the Crosswork Data Gateway patches and patch management section in the Crosswork Network Controller 7.1.0 Installation Guide. |
Device Lifecycle Management
| Product impact |
Feature |
Description |
| Ease of setup |
Configuration templates for devices |
● Ability to deploy templates for quick and consistent application of settings across similar network devices.
● Includes out-of-the-box system templates with predefined configurations as well as user defined templates that can be created and customized.
● Option to manage and deploy the templates with version control through a template dashboard. It offers immediate and scheduled deployment options.
● Includes feature to configure interfaces and optical settings by deploying templates directly from the topology view.
|
| Ease of use
|
Enhanced configuration backup and restore |
● Option to schedule automatic device configuration backups and on-demand restore.
● Includes features to efficiently manage and compare backups.
|
| Support for custom metrics |
● Ability to collect custom metrics from devices and stream them to external systems. Includes newly added PTP, SyncE and GNSS metrics.
● Option to use gNMI for interface health and LSP traffic data collection instead of the default SNMP protocol.
● Option to create threshold crossing alarms (TCAs) and customize the schedule of metric collection.
|
|
| Support for Top N metric visualization and reporting |
● Option to customize the display of critical metrics and set threshold alerts.
● Allows identification of issues across network segments by device type or device group.
● Option to create custom metrics dashboards with filters based on device groups and port groups for better analysis.
|
|
| Support for custom alarms |
● Ability to configure new syslog and SNMP-trap events as custom alarms, using REST API.
● Includes options to define the severity and context for these alarms.
|
|
| FQDN support for application Kafka streaming configurations |
Ability to configure external Kafka servers via REST APIs using Fully Qualified Domain Names (FQDN) to receive notifications. Previously limited to IP addresses, this enhancement adds flexibility by supporting FQDNs for Kafka streaming functionality. |
Change Automation
| Product impact |
Feature |
Description |
| Software reliability |
Support for SR-TE path validation through Optimization Engine integration |
Two new plays are available to automate the verification of SR-TE paths against the network's Label Switch Path (LSP). By using these plays together, you can ensure that the paths meet optimal performance and reliability standards.
● Get Head-End TE-Router-ID play: Retrieves the head-end TE-Router-ID of the SR-TE path, enabling precise path identification and validation.
● Request SR Policy from Optimization Engine play: Collects the SR policy hop details using Optimization Engine API. This play verifies the SR-TE hop list against the network model's specific criteria, such as bandwidth availability, minimal delay, and efficient resource utilization.
|
Health Insights
| Product impact |
Feature |
Description |
| API experience |
New sensor paths for compatibility with new Cisco IOS XR devices |
New sensor paths have been introduced for the Layer3-Routing, QoS, and Layer2-Traffic (Openconfig Interfaces) KPI categories to ensure compatibility with Cisco IOS XR devices running version 24.1.1 and above. These updated sensor paths offer improved performance and seamless integration with newer devices. For devices running Cisco IOS XR version 7.9.21 and earlier, the Layer3-Routing-deprecated sensor paths will remain temporarily supported. Users must select the appropriate sensor paths based on the IOS XR version of their device. Note: When upgrading from an older version of Crosswork Network Controller to 7.1, any KPI profiles containing these KPIs will be disabled during migration. To apply the new sensor paths, users must manually re-enable the KPI profiles after the upgrade. |
Workflow Automation (Premier Tier Only)
| Product impact |
Feature |
Description |
| API experience |
Do It Yourself automation workflows |
Enables customers to build, schedule, and track their own automation workflows, with capabilities to integrate to existing Operations Support Systems (OSS) and Business Support Systems (BSS) within their environment using adapters for the API interfaces. Such workflows can be designed to integrate inputs needed by the workflow, message to Operators for approvals or other inputs, validate results, and archive as desired. Cisco® provides a set of baseline adapters including REST, SQL, NSO, SMTP, CLI (SSH), and the ability to auto-generate adapters for APIs conformant with OpenAPI specification or specific NSO Yang models. For custom integrations, Cisco provides also a Software Development Kit (SDK) to allow customers to build additional adapters to fit their environment. The provided management environments enable tracking of jobs and review of event history within each job. |
Fleet Upgrade (Premier Tier Only)
| Product impact |
Feature |
Description |
| Upgrade |
Fleet upgrade |
Enables router OS upgrades in bulk, which you can tailor to your needs. In addition to the base workflow, which includes a base set of pre-checks and post-checks as well as the logic for driving the upgrades to the routers, this functionality provides a “MOP Builder” that lets user include actions to be executed within the upgrade job. Software images can be accessed onboard or downloaded from Cisco.com and provided for use. Operators can select the set of devices to be upgraded and the associated image for each scheduled job. The operations panels included provide for configuring policies, running conformance reports on the selected combination of devices and images, and details of success or failure per device. |
Documentation
| Product impact |
Feature |
Description |
| Ease of use |
Documentation |
The Crosswork Network Controller Information Center is now available for 7.1.0. The information is categorized by functional area, making it easy to find and access. |
This section outlines changes to feature behavior or system operations resulting from this release.
Table 4. Changes in behavior in Crosswork Network Controller
| Description |
Behavior changes |
| Amazon EC2 support
|
Deployment of Crosswork Network Controller version 7.1.0 is supported only on KVM and vCenter platforms. Deployment on Amazon EC2 platform will be supported in the subsequent maintenance release after the 7.1.0 release. |
| SR-MPLS policy and topology discovery |
In addition to HTTP, any SR-PCE provider in the system that is expected to discover topology, SR-MPLS, and SRv6 policies, must have gRPC configured as the connection type. If gRPC with Transport Layer Security (TLS) is required, a certificate must also be generated and added with the Secure gRPC communication role. See Requirements for adding SR-PCE providers in the Crosswork Network Controller 7.1.0 Administration Guide. |
| Removal of "Node State Snapshot" playbook |
The playbook "Node State Snapshot" has been removed from Change Automation and is no longer supported. |
| Dashboard resizing options have been removed |
To enhance clarity and improve data readability, dashboards, and dashlets now have a fixed size. Resizing options have been removed to prevent layout issues and maintain clarity of the displayed data. |
Table 5. Changes in behavior in Crosswork Data Gateway
| Description |
Behavior changes |
| Deprecation of LZ4 compression support |
We are discontinuing support for the LZ4 library starting with the Crosswork Network Controller 7.1 release. As part of this change, the LZ4 library is removed from the Crosswork Network Controller UI and API. We encourage users to transition to alternative supported compression algorithms such as Snappy, Gzip, and Zstd to ensure the continued security and reliability of their systems. For additional support, contact the Cisco Customer Experience team. |
| Day-N Geo enablement required re-deployment of Crosswork Data Gateway VMs |
Automatic certificate updates now eliminate the need to redeploy the Data Gateway for Crosswork Network Controller deployments. |
Table 6. Changes in behavior in Device Lifecycle Management
| Description |
Behavior changes |
| The Device type field found in the Add New Device and Edit Device pages of Crosswork Network Controller will be deprecated in the 7.2 release. |
Going forward, Crosswork Network Controller will depend on the Product family field, which is automatically discovered from the network or devices during device discovery. Additionally, the Device type data will no longer be accessible when importing or exporting devices using CSV. |
| SR-PM Metrics in Advantage Package |
Delay and jitter metrics are available with Segment Routing Performance Monitoring (SR-PM). This feature is now included by default in the Crosswork Network Controller Advantage package. Previously, it required a separate installation of the Service Health component. |
If you encounter problems while working with Cisco Crosswork, check this list of open bugs. Each bug ID in the list links to a more detailed description and workaround. These are unresolved issues that are not verified, fixed, or integrated in this release.
See the Cisco bug search tool section for details on using the tool and searching for additional bug information.
The table below shows known issues and limitations that should be considered before starting to work with Crosswork Network Controller 7.1.0. These are product limitations or behaviors with no planned resolution.
Table 7. Known issues in Service Health
| Feature or issue |
Description |
| VPN Service Health dashlet |
When using the VPN Service Health dashlet, you may experience an intermittent delay of approximately 1-2 minutes in the synchronization of numbers and totals under specific conditions:
● Basic monitoring paused: The total count (Basic + Advanced) updates immediately.
● Advanced Monitoring Paused: The total count may not immediately reflect changes. During this time, discrepancies in the displayed counts for Basic, Advanced, and Total may occur. This behavior is due to throttling mechanisms and the gradual transition of services from paused to active states.
This may result in temporary mismatches between the Basic, Advanced, and Total counts during transitions. Waiting a few minutes to allow the numbers to synchronize fully is recommended. This behavior is expected and does not indicate a system error. |
| Service Health pods reconciliation |
In certain scenarios, such as Geo HA switchover, Service Health pods that show an Alarm ID describing the requested start of reconciliation may not receive a corresponding Alarm ID describing its completion. |
Table 8. Known issues in Service Provisioning
| Feature or issue |
Description |
| Conflicts in VPN TE Management policy deletion |
When using the VPN TE Management feature, simultaneously creating or deleting multiple VPN services on the same device can result in commit queue conflicts. In some cases, TE policies associated with deleted VPN services may remain in an "In-Progress" state and fail to be removed. To avoid this issue, apply changes one at a time. |
| Service Health pods reconciliation |
In certain scenarios, such as Geo HA switchover, Service Health pods that show an Alarm ID describing the requested start of reconciliation may not receive a corresponding Alarm ID describing its completion. |
| Services root key value constraints |
When provisioning a service, the service’s root key value cannot contain spaces (such as when typing a Name or ID field entry in the UI). This only applies to the root level keys (top level) and not the nested sub-level keys. This also applies to custom service model root level key values. |
| L3VPN services with probes remain in progress with TE Manager |
When provisioning an L3VPN service with probes enabled and the TE Manager package installed, the service may remain in an "In-Progress" state and not push configuration to devices. The NSO plan status shows "not-reached" and no zombie services are observed. Workaround: Manually mark the L3 TE assessment as completed using the following command in ncs_cli: request cw-te-manager actions set-l3-te-assessment-completed service <service-name> nodes [<node1> <node2> <node3>] |
Table 9. Known issues in Device Lifecycle Management
| Feature or issue |
Description |
| Single VM deployment |
When you change the device's Admin State from UNMANAGED to DOWN, the system automatically sets the state to UP because the auto-attach process attaches the device to the embedded collectors and modifies its Admin State from DOWN to UP. If changing the state to DOWN is necessary, you must manually change the state from the Edit Devices page as a next step. For information on editing the device information, see the Edit Devices section in Crosswork Network Controller 7.1 Device Lifecycle Management. |
Table 10. Known issues in Data Gateway
| Feature or issue |
Description |
| Critical alarms are not cleared after an upgrade |
When Crosswork Network Controller is upgraded to the 7.1 release, critical alarms remain uncleared, despite the data gateway VMs being UP and operational. |
Table 11. Known issues in Element Management Functions
| Feature or issue |
Description |
| Device-side issue – device image installation and configuration upgrade fail for Catalyst 8300, 8500, 9300, 9500 during Zero Touch Provisioning (ZTP) Plug and Play (PnP) |
During the ZTP PnP process, while the image download and installation complete successfully, the device fails during the image-install phase. This results in a 404 error with the message: PnP Service Error 1803: "Source file not found." The configuration upgrade fails during the ZTP PnP process, even when the correct configuration file is provided. The failure results in the error message: err=1416 (Invalid source config file for config upgrade). |
To support large-scale deployment, the components that make up Crosswork Network Controller are built with workload and endpoint load balancing using the Platform Infrastructure's cluster architecture.
Table 12. Scale support
| Feature |
Scale support |
| Devices |
25,000 |
| Total interfaces[3] |
1,200,000[4] |
| Provisioning of SR-TE policies and RSVP-TE tunnel (PCE-initiated) |
150,000 |
| IGP links |
200,000 |
| VPN services (L2VPN and L3VPN) |
300,000 |
The tables in this section list the hardware and software versions that have been tested and are known to be compatible with Crosswork Network Controller.
Many Crosswork Network Controller features depend on the underlying router XR/XE versions and the SR-PCE software. In the below tables, you can review those that are supported and working in combination with software versions on router platforms and SR-PCE.
Platform Infrastructure support
Table 13. Platform Infrastructure support
| Software |
Supported version(s) |
| Cisco Operating System Note: This is an application-level compatibility. |
Essentials tier
● Cisco IOS XR: 24.2.2, 24.3.1, 24.4.1, 25.1.x, 25.2.1
● Cisco IOS XE: 16.6.5, 16.12.7, 17.3.8, 17.9.5, 17.14.1
● Cisco NX-OS: 10.2(4), 10.3(4)
● Cisco IOS: 15.2.7
Advantage tier
● Cisco IOS XR: 7.7.1, 7.7.2, 7.8.1, 7.8.2, 7.9.1, 7.9.2, 7.10.1, 7.10.2, 7.11.1, 7.11.2, 24.1.x, 24.2.1, 24.2.11 (LNT), 24.4.2, 25.1.1, 25.2.1
● Cisco IOS XE: 17.9.1, 17.12.1, 17.12.3, 17.15.2, 17.16.1a
|
| Hypervisor and vCenter |
● VMware vCenter Server 8.0 (U2c or later) and ESXi 8.0 (U2b or later)
● VMware vCenter Server 7.0 (U3p or later) and ESXi 7.0 (U3p or later)
● Red Hat Enterprise Linux 9.4 KVM
|
| Browsers |
● Google Chrome: 131 or later
● Mozilla Firefox: 136 or later
|
| Data Gateway |
7.1.0 |
| Crosswork Network Services Orchestrator |
6.4.1.1 |
| Cisco Network Element Driver (NED)
● Cisco IOS XR:
◦ CLI: 7.66 ◦ NETCONF: 7.7.2, 7.8.2, 7.9.2, 7.10.2.1, 7.11.2, 24.2.1, 24.1.2
● Cisco IOS XE:
◦ CLI: 6.107.2 Note: Additional function packs may be required based on the applications and features being used. See the Crosswork Network Controller 7.1.0 Installation Guide for details. |
|
| Cisco Segment Routing Path Computation Element (SR-PCE) |
Cisco IOS XR 25.2.1 |
Device management support
Crosswork Network Controller is multivendor capable, leveraging open industry standard mechanisms and protocols such as BGP-LS, SNMP, gNMI, PCEP, segment routing, and NETCONF or YANG to communicate with network devices in a multivendor environment. See more details in the Crosswork Network Controller 7.1.0 Solution Workflow Guide.
Note: gNMI support is not available on Cisco IOS XE devices and limited to the openconfig-system/alarms path on Nexus devices.
The table details the Cisco device management support for IOS versions, SR-PCE, and Cisco devices.
The SR-PCE version should be equal to or higher than the PCC software version. PCC Cisco IOS XR 25.2.1 is recommended and has been validated to work with 7.1.0 features. Other listed PCC versions are supported but may not support all features because of PCC version limitations.
For detailed information on supported devices for Element Management Functions, refer to Crosswork Network Controller Essentials Supported Devices.
Table 14. Cisco IOS XR device management support
| Cisco IOS XR |
Cisco ASR 9901 (64-bit) |
Cisco XRv 9000[5] |
Cisco 8000 series[6] |
Cisco NCS 5500/5700 series |
Cisco NCS 540 series[7] |
Cisco NCS 560 series |
Cisco 8011 series fixed 1RU |
| 7.7.1 |
|
|
|
|
|
|
|
| 7.7.2 |
|
|
|
|
|
|
|
| 7.8.1 + SMU (CSCwc93705) |
|
|
|
|
|
|
|
| 7.8.2 |
|
|
|
|
|
|
|
| 7.9.1 |
|
|
|
|
|
|
|
| 7.9.2 |
|
|
|
|
|
|
|
| 7.10.1 |
|
|
|
|
|
|
|
| 7.10.2 |
|
|
|
|
|
|
|
| 7.11.1 |
|
|
|
|
|
|
|
| 7.11.2 |
|
|
|
|
|
|
|
| 24.1.x |
|
|
|
|
|
|
|
| 24.2.1 |
|
|
|
|
|
|
|
| 24.2.2 |
|
|
|
|
|
|
|
| 24.2.11 (LNT) |
|
|
|
|
|
|
|
| 24.3.1 |
|
|
|
|
|
|
|
| 24.4.1 |
|
|
|
|
|
|
|
| 24.4.2 |
|
|
|
|
|
|
|
| 25.1.1 |
|
|
|
|
|
|
|
| 25.2.1 |
|
|
|
|
|
|
|
Note: Segment Routing Traffic Matrix (SRTM) is only available on Cisco ASR 9000 and 9900 devices.
Table 15. Cisco IOS XE device management support
| Cisco IOS XE |
Cisco ASR 920 |
Cisco ASR 902 |
Cisco ASR 903 |
Cisco Catalyst C8300 |
Cisco Catalyst C8500 |
Cisco Catalyst CSR8KV |
Cisco ASR 1002-HX |
| 16.6.5 |
|
|
|
|
|
|
|
| 16.12.7 |
|
|
|
|
|
|
|
| 17.3.8 |
|
|
|
|
|
|
|
| 17.9.1 |
|
|
|
|
|
|
|
| 17.9.5 |
|
|
|
|
|
|
|
| 17.12.1 |
|
|
|
|
|
|
|
| 17.12.3 |
|
|
|
|
|
|
|
| 17.14.1 |
|
|
|
|
|
|
|
| 17.15.2 |
|
|
|
|
|
|
|
| 17.16.1a |
|
|
|
|
|
|
|
Cisco IOS software version support
Element Management encompasses all the functionalities included in the Crosswork Network Controller Essentials package. For more detailed information, refer to Crosswork Network Controller Essentials Supported Devices.
Table 16. Cisco IOS software version support
| Operating System |
Version |
Service Lifecycle Management |
Element Management[8] |
||
| Service Provisioning |
Traffic Engineering/ Optimization |
Monitoring/ Assurance |
|||
| IOS-XR |
7.7.1 |
|
|
|
|
| 7.7.2 |
|
|
|
||
| 7.8.1 |
|
|
|
||
| 7.8.2 |
|
|
|
|
|
| 7.9.1[11] |
|
|
|
||
| 7.9.2[13] |
|
|
|
||
| 7.10.1 |
|
|
|
|
|
| 7.10.2 |
|
|
|
|
|
| 7.11.1 |
|
|
|
|
|
| 7.11.2 |
|
|
|
|
|
| 24.1.x |
|
|
|
|
|
| 24.2.2[15] |
|
|
|
|
|
| 24.2.11 (LNT) |
|
|
|
|
|
| 24.3.1 |
|
|
|
|
|
| 24.4.1 |
|
|
|
|
|
| 24.4.2 |
|
|
|
|
|
| 25.1.1 |
|
|
|
|
|
| 25.2.1 |
|
|
|
|
|
| 16.6.5 |
|
|
|
|
|
| 16.12.7 |
|
|
|
|
|
| 17.3.8 |
|
|
|
|
|
| 17.9.1 |
|
|
|
|
|
| 17.9.5 |
|
|
|
|
|
| 17.12.1 |
|
|
|
|
|
| 17.12.3 |
|
|
|
|
|
| 17.14.1 |
|
|
|
|
|
| 17.15.2 |
|
|
|
|
|
| 17.16.1a |
|
|
|
|
|
| NX-OS[18] |
10.2(4) |
|
|
|
|
| 10.3(4) |
|
|
|
|
|
Crosswork Network Controller Essentials Tier-device software coverage matrix
Table 17. Crosswork Network Controller Essentials Tier-device software coverage matrix
| Operating System |
Device |
Inventory |
SWIM |
ZTP |
Fault |
PM |
Config backup recovery |
Config Templates |
| IOS-XR 24.2.2, 24.3.1, 24.4.1 |
Cisco ASR-9000 series (32 and 64-bit)[19] |
|
|
|
|
|
|
|
| Cisco NCS 5700 series[21] |
|
|
|
|
|
|
|
|
| Cisco 8000 series[22] |
|
|
|
|
|
|
|
|
| IOS-XE 16.6.5, 16.12.7, 17.3.8, 17.9.5, 17.14.1 |
Cisco ASR 1000 series[23] |
|
|
|
|
|
|
|
| CSR 1000v |
|
|
|
|
|
|
|
|
| CAT 8000 series[24] |
|
|
|
|
|
|
|
|
| CAT 3000 series[25] |
|
|
|
|
|
|
|
|
| CAT 9000 series[26] |
|
|
|
|
|
|
|
|
| IOS 15.2.7 |
CAT 2000 series[27] |
|
|
|
|
|
|
|
| NX-OS 10.2(4), 10.3(4) |
Nexus 9000 series[28] |
|
|
|
|
|
|
|
| IOS-XR 25.1.x, 25.2.1 |
Cisco 8011 |
|
|
|
|
|
|
|
| Cisco 8404, N540 |
|
|
|
|
|
|
|
Networking technology support for Traffic Engineering
Table 18. Supported features
| Category |
Description |
Notes / Details |
| Segment Routing (SR)
|
SR-MPLS PCE initiated policies |
Policies that are provisioned or discovered by Crosswork Network Controller. |
| PCC initiated policies and ODN policies |
Policies that are discovered by Crosswork Network Controller. |
|
| Explicit path SR-TE policies |
Policies that are PCC initiated (SID list with labeled SID list with addresses), PCE reported, PCE initiated. Includes SRv6 TE discovery of PCC initiated policies. |
|
| Dynamic path SR-TE policies |
PCC computed, PCE reported, PCE delegated. |
|
| Single consistent Segment Routing Global Block (SRGB) configured on routers throughout domain covered by Crosswork Network Controller |
— |
|
| Egress Peer Engineering (EPE) PeerAdjacency SIDs, PeerNode SIDs |
● EPE must be configured on both ends of the eBGP link to appear in Crosswork Network Controller.
● EPE PeerAdjacency SIDs and PeerNode SIDs are represented as individual links in the Crosswork UI between the corresponding Autonomous Systems border routers (ASBR).
● EPE PeerNode SIDs are identified by the Border Gateway Protocol Router ID (BGP RID) Loopbacks as the A and Z side link interfaces.
● Labels for both types of EPE SIDs, are shown as adjacency SIDs in the Crosswork Network Controller UI.
|
|
| Prefix SID |
Regular/Strict Node SIDs + FA. Includes SRv6 Locators. |
|
| Adjacency SID |
B-flag (protected/unprotected), P-flag (Persistent). Includes SRv6 Locators. |
|
| SR policy optimization objective min-metric (IGP, TE, and Latency) |
PCE initiated provisioning and PCC initiated discovery. |
|
| SR policy path constraints (affinity and disjointness, protected segments) |
● Only 2 SR-MPLS policies per disjoint group or sub-id are supported. Disjoint Types: link, node, srlg, srlg-node.
● Only 32-bit affinities supported. EAG (RFC 7308) is not reported by PCE and not visualized by Crosswork Network Controller.
|
Information portal
An Information Portal is available for Crosswork Network Controller 7.1.0. Information is categorized per functional area, making it easy to find and easy to access. You can access the portal using https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/crosswork-doc-portal/doc_portal.html.
If you want to access documentation for all Cisco Crosswork products, use https://www.cisco.com/c/en/us/support/cloud-systems-management/crosswork-network-automation/series.html#~tab-documents.
Product documentation
These documents are provided for Crosswork Network Controller 7.1.0.
Table 19. Crosswork Network Controller 7.1.0 documentation
| Document |
Description |
| Release Notes for Cisco Crosswork Network Controller, Release 7.1.0 |
The current document. |
| Shared installation guide for all the Crosswork Network Controller components and their common infrastructure. The guide covers:
● system requirements
● installation requirements
● installation instructions, and
● upgrade instructions
|
|
| Cisco Crosswork Network Controller 7.1.0 Administration Guide |
Shared administration guide for all the Cisco Crosswork components and their common infrastructure. The guide covers:
● managing clusters and data gateway
● data collection
● high availability
● backup and restore
● onboard and manage devices
● set up maps
● managing users, access and security
● maintain system health.
|
| Cisco Crosswork Network Controller 7.1.0 Device Lifecycle Management |
● Device management
● Configuration management
● Software image management (SWIM)
● Monitoring policies
● Alert management
● Zero touch provisioning
● Supported devices
|
| Cisco Crosswork Network Controller 7.1.0 Traffic Engineering and Optimization |
Provides information on how to visualize and configure traffic engineering in Crosswork Network Controller. |
| Cisco Crosswork Network Controller 7.1.0 Network Bandwidth Management |
Provides information on how to use Crosswork Network Controller feature packs. Feature packs are tools that tackle congestion mitigation and the management of SR-TE policies to find and maintain intent based bandwidth requirements. |
| Cisco Crosswork Network Controller 7.1.0 Service Health Monitoring |
Provides information on monitoring the health of L2VPN and L3VPN services. It provides insights into analyzing and troubleshooting degraded services, as well as visualizing service health status and logical dependency trees. |
| Cisco Crosswork Network Controller 7.1.0 Closed-Loop Network Automation |
Provides information on real-time Key Performance Indicator (KPI) monitoring, alerting, and troubleshooting. It also provides information on the automated process of deploying changes to the network. |
| Cisco Crosswork Network Controller 7.1.0 Solution Workflow Guide |
● Solution overview
● Supported use cases and their benefits.
● Procedures for achieving the desired outcome for real-life usage scenarios using the Crosswork Network Controller UI.
|
| Open Source Used in Cisco Crosswork Network Controller 7.1.0 |
Lists of licenses and notices for open source software used in Crosswork Network Controller 7.1.0. |
| Advanced users can extend the Cisco Crosswork functionality using the APIs. API documentation is available on Cisco Devnet. |
Table 20. Article content
| Article |
Description |
| Describes custom templates and provides information on how to create and load the custom templates. |
Table 21. Function Pack documentation
| Document |
Description |
| Cisco NSO Transport SDN Function Pack Bundle 7.1.0 User Guide |
Describes how to configure and use the Transport SDN function packs. |
| Cisco NSO Transport SDN Function Pack Bundle 7.1.0 Installation Guide |
Provides information to install Cisco NSO Transport SDN Function Pack Bundle. |
| Cisco Network Services Orchestrator DLM Service Pack 7.1.0 Installation Guide |
Describes how to install the DLM service pack on Cisco NSO and configure the Cisco NSO sync policy. |
| Cisco Crosswork NSO Telemetry Traffic Collector Function Pack 7.1.0 Installation Guide |
Provides information to install and configure the Telemetry Traffic Collector function pack. |
| Cisco Crosswork Change Automation NSO Function Pack 7.1.0 Installation Guide |
Describes how to download, install, and configure the Cisco Crosswork Change Automation function pack on Cisco NSO. |
| Describes how to configure and use the auto-discovery tool. |
You can use the Cisco Bug Search Tool to search for bugs.
1. Go to the Cisco Bug Search Tool.
2. Enter your registered Cisco.com username and password and click Log In. The Bug Search page opens.
Note: If you do not have a Cisco.com username and password, you can register on the registration page.
3. To search for all Cisco Crosswork bugs, from the Product list select Cloud and Systems Management > Routing and Switching Management > Cisco Crosswork Network Automation and enter additional criteria (such as bug ID, problem description, a feature, or a product name) in the Search For field. Examples: "Optimization Engine" or "CSCwc62479". When the search results are displayed, use the filter tools to narrow the results. You can filter the bugs by status, severity, and so on.
Note: To export the results to a spreadsheet, click Export Results to Excel.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: https://www.cisco.com/c/en/us/about/legal/trademarks.html. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1721R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
© 2025 Cisco Systems, Inc. All rights reserved